Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Arctic Wolf

The Human Factor in Cybersecurity: How to Reduce Risk, Build Culture, and Strengthen Resilience

Oct 2, 2025 By Arctic Wolf In Arctic Wolf
In today’s cybersecurity landscape, one thing remains constant: humans are both our greatest asset and our biggest risk. Despite increasingly sophisticated technology, human risk, insider threats, and social engineering attacks like phishing,continue to lead the charge when it comes to successful breaches.
Read Post
Arctic Wolf

Smash and Grab: Aggressive Akira Campaign Targets SonicWall VPNs, Deploys Ransomware in an Hour or Less

Sep 26, 2025 By Arctic Wolf Labs In Arctic Wolf
In late July 2025, Arctic Wolf Labs began observing a surge of intrusions involving suspicious SonicWall SSL VPN activity. Malicious logins were followed within minutes by port scanning, Impacket SMB activity, and rapid deployment of Akira ransomware. Victims spanned across multiple sectors and organization sizes, suggesting opportunistic mass exploitation. This campaign has recently escalated, with new infrastructure linked to it observed as late as September 20, 2025.
Read Post
Arctic Wolf

The Aurora Endpoint Experience: Test Drive Market-Leading Endpoint Security

Sep 26, 2025 By Arctic Wolf In Arctic Wolf
Endpoint security offers immense value to organizations looking to harden their attack surface and reduce overall risk. But endpoint security has evolved considerably over the decades, and not all endpoint security is created equal. Aurora Endpoint Security delivers market-leading AI-driven prevention, detection, and response, stopping threats before they disrupt your business.
Read Post
Arctic Wolf

Cisco Patches ASA, FTD, and IOS Vulnerabilities, Including Critical and Exploited Flaws

Sep 26, 2025 By Andres Ramos In Arctic Wolf
On September 25, 2025, Cisco released fixes for two vulnerabilities in Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) that are currently being actively exploited by a sophisticated threat actor. The US Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 25-03 requiring Federal Civilian Executive Branch (FCEB) agencies to patch these vulnerabilities by 12 PM EDT on September 26.
Read Post

Zero Assumptions: A Data Science & Threat Intel Roundtable

Sep 24, 2025 By Arctic Wolf Networks In Arctic Wolf
How do data science and threat intelligence intersect to strengthen defenses in today’s evolving cyber landscape? Join us this Wednesday, September 24 at 10 AM ET for a special edition of Arctic Wolf SOCast: Zero Assumptions, where our experts will break down how advanced analytics and threat research work hand-in-hand to outpace attackers. Featuring.
View Video
Arctic Wolf

CVE-2025-26399: Critical Unauthenticated RCE in SolarWinds Web Help Desk Through Second Bypass

Sep 23, 2025 By Andres Ramos In Arctic Wolf
On September 23, 2025, SolarWinds released a hotfix for a critical vulnerability impacting Web Help Desk (WHD), tracked as CVE-2025-26399. The vulnerability arises from a deserialization flaw in the AjaxProxy component that could allow a remote unauthenticated threat actor to achieve remote code execution. CVE-2025-26399 is the second bypass of a flaw originally disclosed last year as CVE-2024-28986 within WHD, with the first bypass being CVE-2024-28988.
Read Post
Arctic Wolf

CVE-2025-10035: Maximum-Severity Command Injection Vulnerability in Fortra GoAnywhere MFT

Sep 19, 2025 By Andres Ramos In Arctic Wolf
On September 18, 2025, Fortra released a patch addressing a critical vulnerability in GoAnywhere Managed File Transfer (MFT), tracked as CVE-2025-10035. The vulnerability stems from a deserialization flaw in the License Servlet of GoAnywhere MFT, allowing a remote threat actor with a valid forged license response signature to deserialize an arbitrary, threat-actor-controlled object and potentially achieve command injection.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.